Logfile of random's system information tool 1.09 (written by random/random) Run by Hans at 2014-05-03 13:25:05 Microsoft Windows 7 Professional Service Pack 1 System drive C: has 205 GB (73%) free of 282 GB Total RAM: 3006 MB (15% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:25:18, on 3-5-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17041) Boot mode: Normal Running processes: C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe C:\Users\hans\AppData\Local\Pokki\Engine\pokki.exe C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Users\hans\AppData\Roaming\Spotify\spotify.exe C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Users\hans\AppData\Local\Pokki\Engine\pokki.exe C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Hans.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCOM/12 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=109985&babsrc=HP_ss&mntrId=425d9bf5000000000000f2df9a913d66 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [HP HD Webcam [Fixed]_Monitor] C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Spotify] "C:\Users\hans\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [Pokki] C:\windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_42454FF2D96CA30106C71E47284183D1] "C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\RunOnce: [Application Restart #3] C:\Users\hans\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\hans\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Show Zoho CRM.lnk = C:\AdventNet\ZohoCRM\bin\zohocrm_tray.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = HoogstadOlie.local O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = HoogstadOlie.local O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = HoogstadOlie.local O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing) O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing) O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- End of file - 18731 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\lsm.exe winlogon.exe C:\windows\system32\svchost.exe -k DcomLaunch "C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe" C:\windows\system32\svchost.exe -k RPCSS C:\windows\system32\atiesrxx.exe C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k netsvcs "C:\Program Files\IDT\WDM\STacSV64.exe" C:\windows\system32\svchost.exe -k GPSvcGroup C:\windows\system32\Hpservice.exe C:\windows\system32\vcsFPService.exe C:\windows\system32\svchost.exe -k NetworkService "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" C:\windows\system32\WLANExt.exe 31512080 \??\C:\windows\system32\conhost.exe "1068011982-149758101490241947-9401076311457491071241064396-18561635031643489476 C:\windows\System32\spoolsv.exe "c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe" C:\windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\IDT\WDM\AESTSr64.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files (x86)\Bluetooth Suite\adminservice.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe" C:\windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe" "C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe" C:\windows\System32\svchost.exe -k HPZ12 "C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService "C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe" C:\windows\System32\svchost.exe -k HPZ12 C:\windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe" C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 2960 "C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe" C:\windows\system32\wbem\unsecapp.exe -Embedding C:\windows\system32\svchost.exe -k HPService C:\windows\system32\wbem\wmiprvse.exe "c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe" atieclxx C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\windows\system32\svchost.exe -k bthsvcs C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\windows\servicing\TrustedInstaller.exe "taskhost.exe" "C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe" "C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version7\TeamViewer7_Logfile.log "C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version7\TeamViewer7_Logfile.log "c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe" "C:\windows\system32\Dwm.exe" C:\windows\Explorer.EXE "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Users\hans\AppData\Local\Pokki\Engine\pokki.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" "C:\Program Files\IDT\WDM\sttray64.exe" "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe" "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe" "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun C:\windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe" \??\C:\windows\system32\conhost.exe "1521496285-110197688814753230321262802788-1368487500-207653235947512971276336381 "c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe" "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" "C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Users\hans\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart "C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe" C:\windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe" "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe" "C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" "C:\Users\hans\AppData\Local\Pokki\Engine\pokki.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-US --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/16/OneClickSignIn/Standard/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingLearningEnabled/Test0PercentDefault/group_01/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --noerrdialogs --disable-client-side-phishing-detection --disable-bundled-ppapi-flash --channel="2832.2.105772967\1063132673" /prefetch:3 "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3364.0.395771172\732071815" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,28 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.840.7.0 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6260 CREDAT:267521 /prefetch:2 "C:\Program Files\iPod\bin\iPodService.exe" "C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group15 pct:1f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_67/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3364.1.1940245694\511757156" /prefetch:673131151 "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" C:\windows\system32\sppsvc.exe wmiadap.exe /F /T /R "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden "C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="2704.0.819477927\137211593" /prefetch:673131151 "C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="2704.1.1020550248\428102701" /prefetch:673131151 "C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="2704.2.2135988740\2073557017" /prefetch:673131151 "C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="2704.3.1566681306\565871629" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --disable-image-transport-surface --reduce-gpu-sandbox --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.840.7.0 --lang=en-US --log-severity=disable /prefetch:822062411 "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\windows\system32\Macromed\Flash\FlashUtil64_13_0_0_206_ActiveX.exe -Embedding "C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe" taskeng.exe {B368DA9F-D8B6-4E02-B30C-E288F78A17D8} -Minimized "C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe" C:\windows\system32\igfxext.exe -Embedding C:\windows\system32\igfxsrvc.exe -Embedding "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6260 CREDAT:2430217 /prefetch:2 "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6260 CREDAT:3675411 /prefetch:2 "C:\Users\hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W0YOC9HA\RSITx64.exe" C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\windows\tasks\Adobe Flash Player Updater.job C:\windows\tasks\GoogleUpdateTaskMachineCore.job C:\windows\tasks\GoogleUpdateTaskMachineUA.job C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1819775193-1765234083-925418879-1159Core.job C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1819775193-1765234083-925418879-1159UA.job C:\windows\tasks\HPCeeScheduleForHans.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}] avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-07-23 545264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}] CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-14 64640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-07-23 193520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}] File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07 117248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\windows\system32\igfxtray.exe [2011-01-27 167960] "HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-01-27 391704] "Persistence"=C:\windows\system32\igfxpers.exe [2011-01-27 418328] "MfeEpePcMonitor"=C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-02-09 200704] "HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-07-15 14904] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-06-12 1664000] "BtTray"=C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-09-14 764544] "BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-09-14 127616] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-08 2774256] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"=C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-03 136176] "MobileDocuments"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [2012-02-23 59240] "iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2012-02-23 59240] "ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2012-02-24 59240] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584] "Spotify"=C:\Users\hans\AppData\Roaming\Spotify\Spotify.exe [2014-05-02 6206520] "Pokki"=C:\Users\hans\AppData\Local\Pokki\Engine\Launcher.dll [2013-11-01 1240344] "Spotify Web Helper"=C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-05-02 1176632] "GoogleChromeAutoLaunch_42454FF2D96CA30106C71E47284183D1"=C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe [2014-04-02 841032] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #3"=C:\Users\hans\AppData\Local\Pokki\Engine\pokki.exe [2013-11-01 8252744] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-02-07 12274688] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160] "HP HD Webcam [Fixed]_Monitor"=C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe [2010-11-26 267128] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-28 336384] "DTRun"=c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456] "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208] "HPQuickWebProxy"=C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2012-03-12 169528] "PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-08-11 658424] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920] "QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-06-20 333728] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720] "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728] "HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-09-05 184736] ""= [] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-10-01 152392] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Users\hans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Show Zoho CRM.lnk - C:\AdventNet\ZohoCRM\bin\zohocrm_tray.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\windows\system32\igfxdev.dll [2011-01-27 385024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=EpePcNp64 DPPassFilter scecli [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableCAD"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "NoWelcomeScreen"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave2"=wdmaud.drv "mixer2"=wdmaud.drv "midi2"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "wave3"=wdmaud.drv "mixer3"=wdmaud.drv "midi3"=wdmaud.drv "wave4"=wdmaud.drv "mixer4"=wdmaud.drv "midi4"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-05-03 13:25:06 ----D---- C:\Program Files\trend micro 2014-05-03 13:25:05 ----D---- C:\rsit 2014-04-12 03:04:07 ----A---- C:\windows\SYSWOW64\ieui.dll 2014-04-12 03:04:07 ----A---- C:\windows\system32\ieui.dll 2014-04-12 03:03:58 ----A---- C:\windows\SYSWOW64\vbscript.dll 2014-04-12 03:03:58 ----A---- C:\windows\system32\vbscript.dll 2014-04-12 03:03:39 ----A---- C:\windows\system32\ie4uinit.exe 2014-04-12 03:03:38 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll 2014-04-12 03:03:38 ----A---- C:\windows\system32\iernonce.dll 2014-04-12 03:03:38 ----A---- C:\windows\system32\ieetwcollectorres.dll 2014-04-12 03:03:34 ----A---- C:\windows\SYSWOW64\msrating.dll 2014-04-12 03:03:34 ----A---- C:\windows\SYSWOW64\dxtrans.dll 2014-04-12 03:03:34 ----A---- C:\windows\SYSWOW64\dxtmsft.dll 2014-04-12 03:03:34 ----A---- C:\windows\system32\jscript9diag.dll 2014-04-12 03:03:34 ----A---- C:\windows\system32\dxtrans.dll 2014-04-12 03:03:34 ----A---- C:\windows\system32\dxtmsft.dll 2014-04-12 03:03:33 ----A---- C:\windows\SYSWOW64\msfeeds.dll 2014-04-12 03:03:33 ----A---- C:\windows\system32\msrating.dll 2014-04-12 03:03:33 ----A---- C:\windows\system32\jsproxy.dll 2014-04-12 03:03:32 ----A---- C:\windows\SYSWOW64\jsproxy.dll 2014-04-12 03:03:32 ----A---- C:\windows\system32\msfeeds.dll 2014-04-12 03:03:31 ----A---- C:\windows\SYSWOW64\ieUnatt.exe 2014-04-12 03:03:31 ----A---- C:\windows\SYSWOW64\iesetup.dll 2014-04-12 03:03:31 ----A---- C:\windows\system32\ieUnatt.exe 2014-04-12 03:03:30 ----A---- C:\windows\SYSWOW64\iernonce.dll 2014-04-12 03:03:30 ----A---- C:\windows\system32\iesetup.dll 2014-04-12 03:03:27 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-04-12 03:03:26 ----A---- C:\windows\system32\mshtml.dll 2014-04-12 03:03:22 ----A---- C:\windows\SYSWOW64\jscript9diag.dll 2014-04-12 03:03:22 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll 2014-04-12 03:03:22 ----A---- C:\windows\SYSWOW64\ieapfltr.dll 2014-04-12 03:03:21 ----A---- C:\windows\system32\ieetwproxystub.dll 2014-04-12 03:03:21 ----A---- C:\windows\system32\ieetwcollector.exe 2014-04-12 03:03:21 ----A---- C:\windows\system32\ieapfltr.dll 2014-04-12 03:03:20 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe 2014-04-12 03:03:17 ----A---- C:\windows\SYSWOW64\iertutil.dll 2014-04-12 03:03:16 ----A---- C:\windows\SYSWOW64\wininet.dll 2014-04-12 03:03:16 ----A---- C:\windows\system32\wininet.dll 2014-04-12 03:03:16 ----A---- C:\windows\system32\iertutil.dll 2014-04-12 03:03:15 ----A---- C:\windows\SYSWOW64\urlmon.dll 2014-04-12 03:03:15 ----A---- C:\windows\system32\urlmon.dll 2014-04-12 03:03:13 ----A---- C:\windows\system32\ieframe.dll 2014-04-12 03:03:12 ----A---- C:\windows\SYSWOW64\ieframe.dll 2014-04-12 03:03:11 ----A---- C:\windows\SYSWOW64\mshtml.dll 2014-04-12 03:03:11 ----A---- C:\windows\system32\jscript9.dll 2014-04-12 03:03:10 ----A---- C:\windows\SYSWOW64\jscript9.dll 2014-04-11 20:20:51 ----A---- C:\windows\system32\drivers\storport.sys 2014-04-11 20:20:51 ----A---- C:\windows\system32\drivers\msiscsi.sys 2014-04-11 20:20:51 ----A---- C:\windows\system32\drivers\Diskdump.sys 2014-04-11 20:20:50 ----A---- C:\windows\SYSWOW64\iologmsg.dll 2014-04-11 20:20:50 ----A---- C:\windows\system32\iologmsg.dll 2014-04-11 20:20:47 ----A---- C:\windows\system32\kernel32.dll 2014-04-11 20:20:46 ----A---- C:\windows\SYSWOW64\kernel32.dll 2014-04-11 20:20:46 ----A---- C:\windows\system32\wow64win.dll 2014-04-11 20:20:46 ----A---- C:\windows\system32\wow64.dll 2014-04-11 20:20:45 ----A---- C:\windows\SYSWOW64\setup16.exe 2014-04-11 20:20:45 ----A---- C:\windows\SYSWOW64\ntvdm64.dll 2014-04-11 20:20:45 ----A---- C:\windows\system32\wow64cpu.dll 2014-04-11 20:20:45 ----A---- C:\windows\system32\ntvdm64.dll 2014-04-11 20:20:38 ----A---- C:\windows\SYSWOW64\wow32.dll 2014-04-11 20:20:37 ----A---- C:\windows\SYSWOW64\user.exe 2014-04-11 20:20:37 ----A---- C:\windows\SYSWOW64\instnm.exe 2014-04-11 20:20:35 ----A---- C:\windows\system32\drivers\ntfs.sys 2014-04-11 14:35:11 ----D---- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} ======List of files/folders modified in the last 1 month====== 2014-05-03 13:25:06 ----RD---- C:\Program Files 2014-05-03 13:23:28 ----D---- C:\windows\Prefetch 2014-05-03 13:22:48 ----D---- C:\Users\hans\AppData\Roaming\Spotify 2014-05-03 13:22:40 ----A---- C:\windows\win.ini 2014-05-03 13:22:19 ----A---- C:\windows\SYSWOW64\log.txt 2014-05-03 13:21:32 ----D---- C:\windows\Temp 2014-05-03 13:19:02 ----D---- C:\windows\system32\config 2014-05-03 13:19:02 ----D---- C:\ProgramData\PDFC 2014-05-03 13:18:59 ----D---- C:\ProgramData\HPQLOG 2014-05-03 13:18:40 ----A---- C:\windows\ntbtlog.txt 2014-05-03 12:03:38 ----D---- C:\windows\System32 2014-05-03 12:03:37 ----D---- C:\windows\inf 2014-05-03 12:03:37 ----A---- C:\windows\system32\PerfStringBackup.INI 2014-05-03 11:56:54 ----D---- C:\windows\system32\Tasks 2014-05-03 11:55:57 ----D---- C:\windows\Minidump 2014-05-03 11:55:53 ----D---- C:\Windows 2014-05-02 18:34:03 ----D---- C:\windows\SysWOW64 2014-05-02 18:33:56 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe 2014-05-02 18:20:29 ----D---- C:\windows\rescache 2014-04-12 03:25:51 ----D---- C:\windows\winsxs 2014-04-12 03:22:18 ----D---- C:\windows\SYSWOW64\nl-NL 2014-04-12 03:22:18 ----D---- C:\windows\SYSWOW64\en-US 2014-04-12 03:22:18 ----D---- C:\Program Files\Internet Explorer 2014-04-12 03:22:17 ----D---- C:\windows\system32\nl-NL 2014-04-12 03:22:17 ----D---- C:\windows\system32\en-US 2014-04-12 03:22:17 ----D---- C:\windows\PolicyDefinitions 2014-04-12 03:22:16 ----D---- C:\windows\system32\drivers 2014-04-12 03:22:16 ----D---- C:\Program Files (x86)\Internet Explorer 2014-04-12 03:22:15 ----D---- C:\windows\AppPatch 2014-04-12 03:22:14 ----D---- C:\windows\system32\DriverStore 2014-04-12 03:05:33 ----SHD---- C:\windows\Installer 2014-04-12 03:05:33 ----HD---- C:\Config.Msi 2014-04-12 03:05:33 ----D---- C:\ProgramData\Microsoft Help 2014-04-12 03:04:35 ----D---- C:\windows\system32\catroot 2014-04-12 03:04:34 ----D---- C:\windows\system32\catroot2 2014-04-12 03:00:46 ----SHD---- C:\System Volume Information 2014-04-11 14:43:56 ----D---- C:\windows\Tasks 2014-04-11 14:42:46 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2014-04-11 14:42:29 ----D---- C:\windows\Help 2014-04-11 14:39:04 ----RSD---- C:\windows\assembly 2014-04-11 14:37:44 ----D---- C:\Program Files (x86)\Hewlett-Packard 2014-04-11 14:35:11 ----HD---- C:\ProgramData 2014-04-11 14:19:48 ----D---- C:\ProgramData\Hewlett-Packard 2014-04-11 14:16:59 ----D---- C:\swsetup 2014-04-11 12:18:56 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-04-08 13:57:15 ----SD---- C:\Users\hans\AppData\Roaming\Microsoft 2014-04-07 22:21:12 ----D---- C:\Users\hans\AppData\Roaming\Apple Computer 2014-04-07 19:37:08 ----D---- C:\windows\Microsoft.NET 2014-04-07 18:01:56 ----D---- C:\Program Files (x86) 2014-04-07 17:42:14 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040] R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320] R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-02-09 168008] R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-20 199552] R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2012-08-21 19600] R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2012-08-21 54072] R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2012-08-21 969200] R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2012-08-21 359464] R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2012-08-21 59728] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560] R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392] R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys [2010-11-20 360832] R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2012-08-21 25232] R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600] R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840] R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784] R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-03-28 9319424] R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-03-28 303616] R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192] R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2012-09-14 88728] R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2012-09-14 344216] R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2012-09-14 114840] R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2012-09-14 33944] R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2012-09-14 178840] R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2012-09-14 77464] R3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2012-09-14 135832] R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2012-09-14 575128] R3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984] R3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-12-03 25912] R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440] R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-01-27 12273408] R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2013-06-12 175928] R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344] R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2013-06-12 708200] R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2011-01-12 2611704] R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\windows\system32\DRIVERS\stwrt64.sys [2013-06-12 543744] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\windows\system32\drivers\serscan.sys [2009-07-14 12288] R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-12-08 524016] R3 vpcbus;Hostbusservice voor Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944] R3 vpcusb;Connectorservice voor USB-virtualisatie; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880] S3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM; C:\windows\System32\Drivers\AthDfu.sys [2012-09-14 55448] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-02-07 63336] S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] S3 netr28ux;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista; C:\windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328] S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888] S3 RimUsb;BlackBerry Smartphone; C:\windows\System32\Drivers\RimUsb_AMD64.sys [2012-03-20 28416] S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656] S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056] S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688] S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400] S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784] S3 usbscan;Stuurprogramma voor USB-scanner; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984] S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-20 21760] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-06-12 89600] R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-03-28 203264] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624] R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-09-14 216192] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136] R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-02-12 481104] R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-07-15 137272] R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160] R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624] R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000] R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2012-06-20 523680] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\windows\system32\svchost.exe [2009-07-14 27136] R2 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2009-07-14 27136] R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-09-24 31040] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336] R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896] R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168] R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-02-09 1318912] R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136] R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-08-11 1128952] R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136] R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-06-12 323072] R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064] R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464] R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280] R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-01-22 3154224] R3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-01-12 36864] R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-09-05 1420192] R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-14 27136] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-10-01 641352] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-15 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-02 257712] S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136] S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-02-04 464480] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-15 136176] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-03-06 111616] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136] S4 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [] S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------